本文作者: 開發者首頁
本文鏈接: https://blog.kfzsy.com/api-sign.html
java接口簽名算法
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Map;
public class SignUtil {
public static final String SIGN_METHOD_MD5 = "md5";
public static final String SIGN_METHOD_HMAC = "hmac";
private static final String CHARSET_UTF8 = "utf-8";
/**
* 對TOP請求進行簽名。
*/
public static String signTopRequest(Map<String, String> params, String secret, String signMethod) throws IOException {
// 第一步:檢查參數是否已經排序
String[] keys = params.keySet().toArray(new String[0]);
Arrays.sort(keys);
// 第二步:把所有參數名和參數值串在一起
StringBuilder query = new StringBuilder();
if (SIGN_METHOD_MD5.equals(signMethod)) {
query.append(secret);
}
for (String key : keys) {
String value = params.get(key);
if (isNotEmpty(key) && isNotEmpty(value)) {
query.append(key).append(value);
}
}
// 第三步:使用MD5/HMAC加密
byte[] bytes;
if (SIGN_METHOD_HMAC.equals(signMethod)) {
bytes = encryptHMAC(query.toString(), secret);
} else {
query.append(secret);
bytes = encryptMD5(query.toString());
}
// 第四步:把二進制轉化為大寫的十六進制
return byte2hex(bytes);
}
/**
* 對字節流進行HMAC_MD5摘要。
*/
private static byte[] encryptHMAC(String data, String secret) throws IOException {
byte[] bytes = null;
try {
SecretKey secretKey = new SecretKeySpec(secret.getBytes(CHARSET_UTF8), "HmacMD5");
Mac mac = Mac.getInstance(secretKey.getAlgorithm());
mac.init(secretKey);
bytes = mac.doFinal(data.getBytes(CHARSET_UTF8));
} catch (GeneralSecurityException gse) {
throw new IOException(gse.toString());
}
return bytes;
}
/**
* 對字符串采用UTF-8編碼后,用MD5進行摘要。
*/
private static byte[] encryptMD5(String data) throws IOException {
return encryptMD5(data.getBytes(CHARSET_UTF8));
}
/**
* 對字節流進行MD5摘要。
*/
private static byte[] encryptMD5(byte[] data) throws IOException {
byte[] bytes = null;
try {
MessageDigest md = MessageDigest.getInstance("MD5");
bytes = md.digest(data);
} catch (GeneralSecurityException gse) {
throw new IOException(gse.toString());
}
return bytes;
}
/**
* 把字節流轉換為十六進制表示方式。
*/
private static String byte2hex(byte[] bytes) {
StringBuilder sign = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
String hex = Integer.toHexString(bytes[i] & 0xFF);
if (hex.length() == 1) {
sign.append("0");
}
sign.append(hex.toUpperCase());
}
return sign.toString();
}
private static boolean isNotEmpty(String value) {
int strLen;
if (value == null || (strLen = value.length()) == 0) {
return false;
}
for (int i = 0; i < strLen; i++) {
if ((Character.isWhitespace(value.charAt(i)) == false)) {
return true;
}
}
return false;
}
public static void main(String[] args) throws Exception {
Map<String, String> params = new HashMap<String, String>();
// 公共參數
params.put("method", "taobao.item.seller.get");
params.put("app_key", appKey);
params.put("session", sessionKey);
DateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
params.put("timestamp", df.format(new Date()));
params.put("format", "json");
params.put("v", "2.0");
params.put("sign_method", "hmac");
// 業務參數
params.put("fields", "num_iid,title,nick,price,num");
params.put("num_iid", "123456789");
// 簽名參數
params.put("sign", signTopRequest(params, appSecret, SIGN_METHOD_HMAC));
}
}
JavaScript接口簽名算法
本文作者: 開發者首頁
本文鏈接: https://blog.kfzsy.com/api-sign.html